package com.study.security.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

/**
 * @author xl-9527
 * @since 2025/4/27
 **/
@EnableWebSecurity
@Configuration(proxyBeanMethods = false)
public class MyWebSecurityConfiguration {


    @Bean
    SecurityFilterChain securityFilterChain(final HttpSecurity httpSecurity) throws Exception {
        // 配置权限
        httpSecurity.authorizeHttpRequests(reg ->
                reg.requestMatchers("/ai/mcp/**").permitAll().anyRequest().authenticated()
        );

        // 配置登录
        httpSecurity.formLogin(reg ->
                reg.loginPage("/login").failureForwardUrl("/login-error").permitAll()).rememberMe(Customizer.withDefaults()
        );

        // 默认修改密码的页面
        httpSecurity.passwordManagement(manager ->
                manager.changePasswordPage("/change-pass")
        );
        return httpSecurity.build();
    }
}
